Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
File:                     8AI84rpaHU_QpeIn3nTLxB0rucg.mft (raw, json)
Hash identifier:          b3M6m3ZLIVU1Lx2gyG8nlcuL7E7+d2TSpb3g4amSzfc=
Subject key identifier:   82:C4:C6:91:7F:23:06:34:41:FD:C4:A9:42:0C:F1:65:E9:A1:71:4C
Authority key identifier: F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8
Certificate issuer:       /CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
Certificate serial:       019769CEA1DA89AFB4CBD2243EDE447417F3
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
Manifest number:          12D6
Signing time:             Fri 13 Jun 2025 15:00:38 +0000
Manifest this update:     Fri 13 Jun 2025 15:00:38 +0000
Manifest next update:     Sat 14 Jun 2025 15:00:38 +0000
Files and hashes:         1: 8AI84rpaHU_QpeIn3nTLxB0rucg.crl (hash: BVnjZuKkHn/pKBTCMl1AO0soFsdPtYlwvqKXP5TQK2Y=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 14 Jun 2025 13:55:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:97:69:ce:a1:da:89:af:b4:cb:d2:24:3e:de:44:74:17:f3
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=f0023ce2ba5a1d4fd0a5e227de74cbc41d2bb9c8
        Validity
            Not Before: Jun 13 15:00:38 2025 GMT
            Not After : Jun 14 15:00:38 2025 GMT
        Subject: CN=82c4c6917f23063441fdc4a9420cf165e9a1714c
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ea:8e:bd:67:e7:9a:3b:f8:18:da:cc:ab:47:14:
                    8a:de:12:73:a8:be:38:fa:6c:7a:65:ef:db:b3:c8:
                    e7:84:52:66:77:fa:bc:2e:88:3e:87:c3:c7:be:34:
                    15:ff:08:f9:70:8d:35:27:30:d7:0f:c3:e1:4b:ba:
                    94:40:b8:62:f9:57:d9:66:62:bf:1c:d4:76:34:fd:
                    78:c1:4a:f7:7c:02:90:58:3c:db:3e:43:fb:a7:f2:
                    b0:8f:5d:99:40:60:fb:79:b6:02:91:40:96:c5:87:
                    6b:3a:54:4b:f4:16:a9:19:50:6f:62:15:03:8b:a7:
                    ec:fb:0c:62:bc:0a:52:f6:68:63:23:5b:2b:4b:b4:
                    f1:c5:4d:18:81:26:0a:07:55:ec:19:14:cb:3c:4e:
                    93:79:c8:00:b6:30:a4:62:f9:c7:c2:64:99:f8:a0:
                    32:b3:62:21:fd:4c:c3:ce:33:30:31:f3:35:9c:68:
                    c9:c0:23:fe:5e:ff:74:7e:fc:92:0b:70:09:64:af:
                    23:b8:7f:33:81:bb:74:9c:20:dc:f4:d8:e3:53:d7:
                    3d:0e:ea:5a:49:79:72:c4:79:3a:f7:38:cb:ab:4c:
                    d7:fe:63:8c:a4:38:bf:12:fd:bb:a5:64:fb:9c:72:
                    ad:e4:1a:6e:d0:f7:63:dc:c7:e7:ab:7c:8a:6e:8a:
                    09:03
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                82:C4:C6:91:7F:23:06:34:41:FD:C4:A9:42:0C:F1:65:E9:A1:71:4C
            X509v3 Authority Key Identifier:
                keyid:F0:02:3C:E2:BA:5A:1D:4F:D0:A5:E2:27:DE:74:CB:C4:1D:2B:B9:C8

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8AI84rpaHU_QpeIn3nTLxB0rucg.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/0a0c19-023c-40f5-a772-ebd69d7734f0/1/8AI84rpaHU_QpeIn3nTLxB0rucg.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         a6:98:7b:ce:df:77:c7:69:14:8a:fc:e8:96:22:8e:43:df:75:
         91:dd:dd:6d:82:0a:ad:e9:13:17:bb:9a:21:bd:c4:cb:4b:c7:
         bc:59:9f:b3:12:5c:3a:fd:57:ae:24:7f:8c:5d:7d:f4:03:8b:
         e5:18:51:ee:3f:b3:82:9e:23:77:55:bc:20:74:21:dd:21:9a:
         7b:f8:7c:de:bb:a4:56:1a:ae:51:cc:3b:8b:1c:cf:26:a3:a7:
         b3:76:e4:15:72:35:88:94:4e:a4:92:eb:ad:2d:3a:40:2e:65:
         5b:71:54:39:54:d7:56:52:6b:03:d9:3b:0e:2a:23:a9:e3:a7:
         30:d5:d8:22:da:e3:ee:65:65:14:da:73:47:a5:1e:c6:d5:64:
         b0:9d:79:c4:76:1e:4d:86:7e:0f:a6:bb:69:64:1c:79:30:72:
         82:94:5a:19:66:fd:5f:b8:9a:ba:2a:22:5b:ab:94:97:46:46:
         b2:b8:81:62:b9:92:2d:1d:23:a3:d7:09:72:52:91:9b:3c:cc:
         1a:9c:94:cc:1f:91:2f:fa:1c:39:d6:34:ab:77:18:bd:c7:14:
         4f:25:c8:0f:35:76:a3:92:29:79:25:39:f2:fc:93:f7:c1:e0:
         11:05:f2:66:97:24:b3:10:1d:74:c6:96:82:c3:76:35:17:82:
         01:c9:4f:ef
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdpzqHaia+0y9IkPt5EdBfzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMDIzY2UyYmE1YTFkNGZkMGE1ZTIyN2RlNzRjYmM0MWQy
YmI5YzgwHhcNMjUwNjEzMTUwMDM4WhcNMjUwNjE0MTUwMDM4WjAzMTEwLwYDVQQD
Eyg4MmM0YzY5MTdmMjMwNjM0NDFmZGM0YTk0MjBjZjE2NWU5YTE3MTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6o69Z+eaO/gY2syrRxSK3hJzqL44
+mx6Ze/bs8jnhFJmd/q8Log+h8PHvjQV/wj5cI01JzDXD8PhS7qUQLhi+VfZZmK/
HNR2NP14wUr3fAKQWDzbPkP7p/Kwj12ZQGD7ebYCkUCWxYdrOlRL9BapGVBvYhUD
i6fs+wxivApS9mhjI1srS7TxxU0YgSYKB1XsGRTLPE6TecgAtjCkYvnHwmSZ+KAy
s2Ih/UzDzjMwMfM1nGjJwCP+Xv90fvySC3AJZK8juH8zgbt0nCDc9NjjU9c9Dupa
SXlyxHk69zjLq0zX/mOMpDi/Ev27pWT7nHKt5Bpu0Pdj3Mfnq3yKbooJAwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFILExpF/IwY0Qf3EqUIM8WXpoXFMMB8GA1UdIwQY
MBaAFPACPOK6Wh1P0KXiJ950y8QdK7nIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzIt
ZWJkNjlkNzczNGYwLzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wYTBjMTktMDIzYy00MGY1LWE3NzItZWJkNjlkNzczNGYw
LzEvOEFJODRycGFIVV9RcGVJbjNuVEx4QjBydWNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEApph7zt93
x2kUivzoliKOQ991kd3dbYIKrekTF7uaIb3Ey0vHvFmfsxJcOv1XriR/jF199AOL
5RhR7j+zgp4jd1W8IHQh3SGae/h83rukVhquUcw7ixzPJqOns3bkFXI1iJROpJLr
rS06QC5lW3FUOVTXVlJrA9k7DiojqeOnMNXYItrj7mVlFNpzR6UextVksJ15xHYe
TYZ+D6a7aWQceTBygpRaGWb9X7iauioiW6uUl0ZGsriBYrmSLR0jo9cJclKRmzzM
GpyUzB+RL/ocOdY0q3cYvccUTyXIDzV2o5IpeSU58vyT98HgEQXyZpcksxAddMaW
gsN2NReCAclP7w==
-----END CERTIFICATE-----